Sun's Proposed New Web Services Standards

Sun is trying to initiate a new round of Web services with a proposal for a set of standards that work on top of XML and WSDL.

Sun Microsystems Inc. is attempting to initiate a new round of Web services with a proposal for a set of standards that work on top of XML and Web Services Description Language.

But Sun and its partners have yet to say to which standards body they will submit their proposed spec.

Arjuna Technologies, Fujitsu Software, Iona Technologies, Oracle, and Sun have teamed up to propose that individual Web services be called up and combined to form "composite applications." Through Sun's proposed set of standards, such a composite application would be given a shared runtime environment that could determine the specific systems contributing to the service. It also would be given a coordination agent that made sure applications ran in the correct sequence and a transaction manager that supervised transactions across dissimilar applications.

The proposed set is called Web Services-Composite Application Framework, or WS-CAF. Today's leading Web services handle such coordination issues is "in a very ad hoc manner, if at all," says Mark Little, chief team architect for Arjuna.

The proposed standards will take the guesswork and ambiguities out of how to coordinate services from scattered systems into one composite application, or new Web service, says Ed Julson, Sun's group manager of Web services standards and technology.

The alternative, Julson says, is to go forward with competing methods of resolving service issues, as is the case with two of today's Web-services security standards: Web Services-Security proposed by IBM, Microsoft and VeriSign, and Web Services-Reliability proposed by Fujitsu, Hitachi, NEC, Oracle, Sonic Software, and Sun.

Among the standards bodies that might receive the Sun proposal are the Oasis Open consortium of vendors setting XML standards; the World Wide Web Consortium; and the Internet Engineering Task Force.
"From a pure technology standpoint, the group isn't breaking new ground," says Stephen O'Grady of Red Monk, a market research group. Sun and partners are making use of existing technologies, sometimes already in use in deployed Web services, he says. But "it's a novel and unique approach for creating composite applications composed of distinct Web services."

The most significant part of the proposal may prove to be the way it defines a way to manage transactions in the Web-services context, O'Grady says.

The Sun and partners proposal consists of three parts:

Web Service Context (WS-CTX), which provides a shared runtime environment to access the context or system specifics of a needed Web service and provides a mean to manage it.

Web Service Coordination Framework (WS-CF), which defines a software agent to handle context management. A service that was part of the composite application would register with the agent, which would tell it when to run and supply its service or results.

Web Service Transaction Management (WS-TXM), which defines three transaction protocols that can be plugged into the coordination framework and make use of existing transaction managers, such as IBM's CICS. One protocol would provide the dual-phase commit of the typical relational database system, but use it in a context of one application conducting an application with another dissimilar application. The dual-phase commit assures that both systems acknowledge the transaction has completed. Another protocol would be geared to handle long-running transactions, such as a transaction called for once a week or month by a Web service. The third protocol would be used to manage asynchronous business-process flows, where one system might not be running when another orders a transaction.

"There will be built-in interoperability issues as soon as developers start to build applications composed of several Web services," said Sun's Julson.

The proposed standards recognize existing Simple Object Access Protocol and WSDL, used to establish most of today's standalone Web services. Says Eric Newcomer, chief technology officer at Iona, "The big benefit of using these standards will be to use services from different sources and combine them together."

To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.

IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.

Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."